Oracle FAQ Your Portal to the Oracle Knowledge Grid

Re: Changing Oracle gid and uid?

From: Mark Bole <makbo_at_pacbell.net>
Date: Wed, 05 Oct 2005 16:55:17 -0700
Message-ID: <434467E5.8080109@pacbell.net>


David Sharples wrote:
> you would also have to reset the setuid permission on the oracle
> executable as it would be lost with a chown

Not so. chmod changes file permissions, not chown.

Marquez, Chris wrote:
>
> So when I use the nfs from servers dbA and dbB they see the files as
> owned by oracle, but from server dbC the files are owned by another
> user (the user with that uid in the local passwd / group file).
> And the opposite happens when pushing a file from dbC, when dbA and
> dbB look at it.
>
> What is my work-around?

> The SA came up with the idea of changing Oracle's gid and uid on dbC.
>
> I have been in this situation before, when someone broke oracle by
> changing the oracle gid and uid, but I just changed it back to what
> it was.

The SA's idea is correct. If someone else "broke oracle" it was by doing an incomplete job.

I have performed this same task under both Oracle 7 and Oracle 9, no relinking is required. In Unix, the file system only contains numeric UID and GID values, they only get converted to a name via lookup in /etc/passwd and /etc/group. (system calls getpwnam(), getpwuid(), getgrnam(), and getgrgid() perform this task).

Oracle software does not know or care anything about the numeric UID/GID, only the names. So the change is pretty easy, just like changing the description for a unique ID in a lookup table in the database.

Here is a sample scenario. Assumes new UID and GID are not already in use, of course.

        users:
        oracle change 101 => 103

        groups:
        dba change 101 => 21

First, run pwck and grpck commands to clean up any problems with the respective files. Optional, but recommended (you'd be surprised what you might find).

# get "before" list of files to be changed for logging purposes
find / -user oracle -exec ls -ld {} \; > /tmp/ora_owned_files.lst
# find files which don't have DBA group, if any (shouldn't be any)
find / -user oracle \! -group dba -exec ls -ld {} \; >> \
            /tmp/ora_owned_files.lst

shut down all oracle software (confirm with "ps -fu oracle" command).

# make the change
find / -user oracle -exec chown 103:21 {} \;

# make backups using RCS or your favorite method
cd /etc
ci -l passwd
ci -l group

# change lookups
vipw [...change oracle UID to 103, GID to 21]
vi /etc/group [change dba GID to 21]

# re-run listing to check for consistency
# check output to see what's changed...should be the same as "before"
# listing

find / -user oracle -exec ls -ld {} \; > /tmp/ora_owned_files.lst.new
find / -user oracle \! -group dba -exec ls -ld {} \; >> \
           /tmp/ora_owned_files.lst.new &

It might be a little slow, you can experiment with the recursive option of chown instead of using find. Or, instead of -exec option of 'find', pipe output to xargs command. Just be sure you handle symbolic links correctly. (Your SA should understand all of this, in case you don't).

-- 
Mark Bole
http://www.bincomputing.com



--
http://www.freelists.org/webpage/oracle-l
Received on Wed Oct 05 2005 - 18:58:07 CDT
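
An added example, not part of the original message: a before/after check for the procedure above that records numeric owner, group and mode for every entry (including setuid/setgid bits and the symbolic links themselves) and reports anything that did not end up as intended. It assumes GNU find (for -printf); the function names snapshot and check_changes are made up for this example.

```shell
#!/bin/sh
# Added example (not from the original post). Assumes GNU find.
# Limitation: paths containing tabs or newlines are not handled.

# snapshot DIR OUTFILE
# One line per entry: octal mode, numeric UID, numeric GID, type, path.
# find does not follow symlinks by default, so a link is recorded with
# its own owner. -xdev keeps the walk on one filesystem so that mounted
# NFS shares are not traversed (an assumption of this example).
snapshot() {
    find "$1" -xdev -printf '%m\t%U\t%G\t%y\t%p\n' > "$2"
}

# check_changes BEFORE AFTER OLD_UID NEW_UID OLD_GID NEW_GID
# Prints one tab-separated line per problem:
#   MODE    mode differs (for example a setuid bit that was cleared)
#   OWNER   entry had OLD_UID before but does not have NEW_UID now
#   GROUP   entry had OLD_GID before but does not have NEW_GID now
#   NEW / MISSING   entry appeared or disappeared between snapshots
check_changes() {
    awk -F'\t' -v ou="$3" -v nu="$4" -v og="$5" -v ng="$6" '
        NR == FNR { mode[$5] = $1; uid[$5] = $2; gid[$5] = $3; next }
        !($5 in mode) { print "NEW\t" $5; next }
        {
            if (mode[$5] != $1)
                print "MODE\t" $5 "\t" mode[$5] " -> " $1
            if (uid[$5] == ou && $2 != nu)
                print "OWNER\t" $5 "\t" $2
            if (gid[$5] == og && $3 != ng)
                print "GROUP\t" $5 "\t" $3
            delete mode[$5]
        }
        END { for (p in mode) print "MISSING\t" p }
    ' "$1" "$2"
}

# Usage with the sample values from the message (run as root):
#   snapshot / /tmp/ora_before.tsv       # before the chown
#   ...chown, vipw, vi /etc/group...
#   snapshot / /tmp/ora_after.tsv
#   check_changes /tmp/ora_before.tsv /tmp/ora_after.tsv 101 103 101 21
```

No output from check_changes means every entry kept its mode and moved to the new numeric IDs; any MODE line on the oracle executable is the case to restore with chmod before restarting.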
